Archives

Tag Archives for: "web security"

Anushree is an active blogger on security topics at PagePotato. She has over 6 years of experience in information security management and risk-based advisory services, working with organizations like PwC, Deloitte & Adobe. She is a CISA certified professional, with a management degree in Software and Systems from Symbiosis International University. Beyond work, Anushree can be seen practicing various dance forms and dreams of being an established choreographer too.

Data privacy and protection is one of the key aspects which all business need to demonstrate on a continuous basis. There are a wide number of complex privacy laws worldwide, and even stricter penalties if those directives are not complied to. Some common privacy regulations are the U.S. Health Insurance Portability and Accountability Act (HIPAA), Canada’s Privacy Law, the U.S. Gramm-Leach-Bliley Act (GLBA), the Payment Card Industry Data Security Standard (PCI DSS), and Australia’s Privacy Laws. However, the next big suite of regulations in this field is the General Data Protection Regulation (GDPR).

Anushree is an active blogger on security topics at PagePotato. She has over 6 years of experience in information security management and risk-based advisory services, working with organizations like PwC, Deloitte & Adobe. She is a CISA certified professional, with a management degree in Software and Systems from Symbiosis International University. Beyond work, Anushree can be seen practicing various dance forms and dreams of being an established choreographer too.

WordPress websites serve as prime hacker targets. In addition to the platform core, the hackers exploit vulnerabilities like backdoors, malware etc in the various plugins available for website protection. While the key measures to WordPress Security are known and illustrated here , listed below are some additional security checks to be incorporated at the file / directory code levels.

Deny automatic execution of all PHP files

All WordPress websites require new content to be uploaded, and hence the upload directory ‘wp-content/uploads’ usually has Write privileges. This leads to significant risk since malicious PHP files can be entered via this route. While the […]